Design/Logic Flaw

2022-01-1217:15:00

PRIOn knowledge base

www.prio-n.com

9.6 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON

In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.

CPENameOperatorVersion
printable_staff_id_card_creator_systemeq1.0

CPE	Name	Operator	Version
	printable_staff_id_card_creator_system	eq	1.0

References

www.exploit-db.com/exploits/49877

www.sourcecodester.com/php/12802/php-staff-id-card-creation-and-printing-system.html